On May 2nd, Maryland’s Governor signed the nation’s first law regulation an employer’s ability to demand that employees and/or applicants disclose their use name and passwords on internet sites. The new law becomes effective October 12 and applies to both
private and public employers in the state.
Under the statute, employers may not discharge, discipline, or otherwise penalize an employee for refusing to disclose password information covered by the legislation; nor may they refuse to hire an applicant for such refusal.
The law distinguishes between an employee’s personal accounts and any “nonpersonal accounts or services that provide access to the employer’s internal computer or information systems.” For the latter, an employer may require an employee to disclose user names and passwords.
The new law bars employees from downloading “unauthorized employer proprietary information or financial data to an employee’s personal website, an internet website, a web-based account, or a similar account.”
The statute reserves an employer’s right to conduct an investigation—based on the receipt of information about an employee’s use of various types of websites for business purposes—to ensure “compliance with applicable securities or financial law, or regulatory
Employers also retain the right to investigate an employee’s actions with regard to the downloading of unauthorized employer proprietary information or financial data.
Similar laws are now pending in California, Illinois, Minnesota and New York. 05.03.2012